1. Biden Administration Imposes Sanctions on Russia for SolarWinds

    On April 15, the Biden administration both formally attributed the SolarWinds espionage campaign to the Russian Foreign Intelligence Service (SVR), and imposed a series of sanctions designed to punish the country for the attack and deter future attacks.

    I will leave it to those with experience in foreign relations to convince me that the response is sufficient to deter future operations. To me, it feels like too little. The New York Times reports that “the sanctions will be among what President Biden’s aides say are ‘seen and unseen steps in response to the hacking,” which implies that there’s more we don’t know about....

  2. Details on the Unlocking of the San Bernardino Terrorist’s iPhone

    The Washington Post has published a long story on the unlocking of the San Bernardino Terrorist’s iPhone 5C in 2016. We all thought it was an Israeli company called Cellebrite. It was actually an Australian company called Azimuth Security.

    Azimuth specialized in finding significant vulnerabilities. Dowd, a former IBM X-Force researcher whom one peer called “the Mozart of exploit design,” had found one in open-source code from Mozilla that Apple used to permit accessories to be plugged into an iPhone’s lightning port, according to the person...

  3. Friday Squid Blogging: Blobs of Squid Eggs Found Near Norway

    Divers find three-foot “blobs” — egg sacs of the squid Illex coindetii — off the coast of Norway.

    As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

    Read my blog posting guidelines here.

  4. Cybersecurity Experts to Follow on Twitter

    Security Boulevard recently listed the “Top-21 Cybersecurity Experts You Must Follow on Twitter in 2021.” I came in at #7. I thought that was pretty good, especially since I never tweet. My Twitter feed just mirrors my blog. (If you are one of the 134K people who read me from Twitter, “hi.”)

  5. NSA Discloses Vulnerabilities in Microsoft Exchange

    Amongst the 100+ vulnerabilities patch in this month’s Patch Tuesday, there are four in Microsoft Exchange that were disclosed by the NSA.

  6. DNI’s Annual Threat Assessment

    The office of the Director of National Intelligence released its “Annual Threat Assessment of the U.S. Intelligence Community.” Cybersecurity is covered on pages 20-21. Nothing surprising:

    • Cyber threats from nation states and their surrogates will remain acute.
    • States’ increasing use of cyber operations as a tool of national power, including increasing use by militaries around the world, raises the prospect of more destructive and disruptive cyber activity.
    • Authoritarian and illiberal regimes around the world will increasingly exploit digital tools to surveil their citizens, control free expression, and censor and manipulate information to maintain control over their populations. ...
  7. Upcoming Speaking Engagements

    This is a current list of where and when I am scheduled to speak:

    The list is maintained on this page.

  8. The FBI Is Now Securing Networks Without Their Owners’ Permission

    In January, we learned about a Chinese espionage campaign that exploited four zero-days in Microsoft Exchange. One of the characteristics of the campaign, in the later days when the Chinese probably realized that the vulnerabilities would soon be fixed, was to install a web shell in compromised networks that would give them subsequent remote access. Even if the vulnerabilities were patched, the shell would remain until the network operators removed it.

    Now, months later, many of those shells are still in place. And they’re being used by criminal hackers as well...

  9. More Biden Cybersecurity Nominations

    News:

    President Biden announced key cybersecurity leadership nominations Monday, proposing Jen Easterly as the next head of the Cybersecurity and Infrastructure Security Agency and John “Chris” Inglis as the first ever national cyber director (NCD).

    I know them both, and think they’re both good choices.

    More news.

  10. Friday Squid Blogging: Jurassic Squid and Prey

    A 180-million-year-old Vampire squid ancestor was fossilized along with its prey.

    As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

    Read my blog posting guidelines here.

Copyright © 2021 • All Rights Reserved.Sensible Voice, LLC
1 High Street • Brandon, VT 05733 • Contact Us • Privacy Policy